A client of Sharp Decisions Inc. is looking to bring on a
Security Administrator to be based in Marysville, OH. Position is on a long-term contract basis. W2 Only. Job Description:
Enforcement of security settings and response to governance audit questions on Mainframe and AS400 systems.
Perform user and access administration on designated systems and applications, in accordance with the defined policies, standards and procedures
Perform system security administration on designated technology platforms, including operating systems, applications and network security devices, in accordance with the defined policies, standards and procedures o, as well as with industry best practices and vendor guidelines.
Perform installation and configuration management of security systems and applications, including policy assessment and compliance tools, network security appliances and host-based security systems.
Perform threat and vulnerability assessments, in some cases followed by appropriate remedial action, to ensure that systems are protected from known and potential threats and are free from known vulnerabilities.
Locate and repair security problems and failures.
Collate security incident and event data to produce monthly exception and management reports.
Perform normal and exceptional processing of user access and change requests, escalating such requests when appropriate.
Report unresolved network security exposures, misuse of resources or noncompliance situations using defined escalation processes.
Assist and train junior team members in the use of security tools, the preparation of security reports and the resolution of security issues.
Develop and maintain documentation for security systems and procedures.
Research, recommend, evaluate and implement information security solutions that identify and/or protect against potential threats, and respond to security violations.
Provide guidance to junior members of the team.
Academic/Experience/Competency BA/BS in Information Technology, Computer Science, or related field or equivalent work experience. 5 to 7 years of combined IT and security work experience with a broad range of exposure to systems analysis, applications development, database design and administration; Understanding of in security subjects Knowledge of security policies and interprets policies Understanding of a specific security application or tool and how it works Ability to assess security safeguards Ability to deal with threats and intermediate level incidents Ability to deal with intrusions at a moderate threat level Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response, and identity and access management. Technical proficiency with security-related systems and applications, especially: Experience in developing, documenting and maintaining security procedures. Knowledge of network infrastructure, including routers, switches, firewalls, and associated network protocols and concepts. Working technical knowledge of current systems' software, protocols and standards. Strong knowledge of TCP/IP and network administration/protocols.
Tasks completed on a daily, weekly, monthly or annual basis, project assigned
zOS Security Account Maintenance
Level 2 and Level 3 Help Desk ticket support - ServiceNow
SOX Audit evidence gathering and presentation
Utilize security modules to provision / revoke access to mainframe systems
Data Set maintenance (users and service accounts) Access management. Develop/maintain role based provisioning
Project tasks related to Mainframe
PGP key, certificates, keyring creation and keychain management.
Manage access and use of privileged accounts
Custom application security management
Knowledge, skills, abilities, traits, certifications, years of experience, to successfully perform job function
Hands on zOS Administration or Developer experience - 5+ years
A background in Information security systems with specific knowledge around Access Control.
Hands on Active Directory and LDAP queries experience - 1+ years
Functional understanding of TCP/IP networks and Firewalls
Functional understanding of following protocols: TCP, UDP, DNS, NetBIOS, HTTP, HTTPS, SMTP, SNMP, SSH, SSL
Functional understanding of database concepts
Prior experience as technical lead for enterprise software deployments
Basic UNIX system administration
Basic database administration
Basic scripting experience
Experience with the following technologies/products: Identity Management, PAM, Authentication and SSO, System Monitoring and Alerting, and Ticketing Systems.
